Details of VAR-202404-3640

ID

VAR-202404-3640

CVE

CVE-2024-0159

TITLE

Dell's Alienware Command Center Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-018432

DESCRIPTION

Dell Alienware Command Center, versions 5.5.52.0 and prior, contain improper access control vulnerability, leading to Denial of Service on local system. Dell's Alienware Command Center Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2024-0159 // JVNDB: JVNDB-2024-018432

AFFECTED PRODUCTS

vendor:	dell	model:	alienware command center	scope:	gte	version:	5.2.1.0	Trust: 1.0
vendor:	dell	model:	alienware command center	scope:	lt	version:	5.6.1.0	Trust: 1.0
vendor:	デル	model:	alienware command center	scope:	eq	version:	5.2.1.0 that's all 5.6.1.0	Trust: 0.8
vendor:	デル	model:	alienware command center	scope:	eq	version:	-	Trust: 0.8
vendor:	デル	model:	alienware command center	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2024-018432 // NVD: CVE-2024-0159

CVSS

SEVERITY

CVSSV2

CVSSV3

security_alert@emc.com:	CVE-2024-0159
value:	MEDIUM
Trust: 1.0
nvd@nist.gov:	CVE-2024-0159
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2024-0159
value:	MEDIUM
Trust: 0.8

security_alert@emc.com:	CVE-2024-0159
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	5.9
version:	3.1
Trust: 1.0
nvd@nist.gov:	CVE-2024-0159
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2024-0159
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2024-018432 // NVD: CVE-2024-0159 // NVD: CVE-2024-0159

PROBLEMTYPE DATA

problemtype:	CWE-1107	Trust: 1.0
problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	Insufficient separation of definitions of symbolic constants (CWE-1107) [ others ]	Trust: 0.8
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-018432 // NVD: CVE-2024-0159

EXTERNAL IDS

db:	NVD	id:	CVE-2024-0159	Trust: 2.6
db:	JVNDB	id:	JVNDB-2024-018432	Trust: 0.8

sources: JVNDB: JVNDB-2024-018432 // NVD: CVE-2024-0159

REFERENCES

url:	https://www.dell.com/support/kbdoc/en-us/000218222/dsa-2024-016-security-update-for-dell-alienware-command-center-vulnerabilities	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2024-0159	Trust: 0.8

sources: JVNDB: JVNDB-2024-018432 // NVD: CVE-2024-0159

SOURCES

db:	JVNDB	id:	JVNDB-2024-018432
db:	NVD	id:	CVE-2024-0159

LAST UPDATE DATE

2025-02-08T23:24:17.998000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2024-018432	date:	2025-02-07T07:52:00
db:	NVD	id:	CVE-2024-0159	date:	2025-01-31T16:45:40.253

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2024-018432	date:	2025-02-07T00:00:00
db:	NVD	id:	CVE-2024-0159	date:	2024-04-10T07:15:08.447